针对克隆代码与非克隆代码产生“漏洞”倾向性的问题进行了研究,基于“漏洞”对不同类型克隆和非克隆代码进行了比较分析.首先提取软件系统中具有漏洞的代码,并使用克隆检测工具检测出软件的克隆代码;其次分别提取能够产生“漏洞”的克隆和非克隆代码,并分别计算不同克隆类型和非克隆的BOC漏洞密度和LOC漏洞密度;最后对type-1、pure type-2、pure-type3的克隆和非克隆漏洞密度进行了对比分析,并对代码中产生的“漏洞”类型进行分类分析,使用曼—惠特尼检验(WMM)验证了结果的有效性.实验结果表明type-1类型的克隆更容易产生“漏洞”,pure type-3类型的克隆引入漏洞的几率相对较小.研究还得出在克隆和非克隆代码中分别存在出现频率较高的“漏洞”集合,增加了对克隆特性的理解,帮助软件设计和开发人员减少代码克隆对软件造成的负面影响.%In order to solve the problem of "loophole" tendency between clone code and non-clone code,this paper made a comparative analysis of different types of clones and non-clones based on "loopholes".First of all,it extracted the vulnerability of the software system code,used the clone detection tool to detect the software cloning code.Secondly,it extracted the clone and nonclone code which could produce "loophole",and calculated the BOC vulnerability density and LOC vulnerability density of different clone types and non-clones separately.Finally,this paper compared and analyzed the vulnerability of type-1,pure type-2,pure-type 3 clones and non-clones,and analyzed the results by Mann-Whitney test (WMM).The experimental results show that type-1 clones are more prone to "loopholes",and that the cloning of pure type-3 clones is less likely to introduced vulnerabilities.The study also found that clone and non-cloned code are in a higher frequency of "loopholes" set.This study adds to understanding of cloning features to help software designers and developers reduce the impact of code cloning on software.
展开▼
